include SecurityStamp in User object

2024-09-16 13:03:21 -04:00
parent c74065ff26
commit f2c854b53a
3 changed files with 11 additions and 2 deletions
--- a/Oqtane.Server/Controllers/UserController.cs
+++ b/Oqtane.Server/Controllers/UserController.cs
@ -123,8 +123,11 @@ namespace Oqtane.Controllers
                filtered.UserId = user.UserId;
                filtered.Username = user.Username;
                filtered.DisplayName = user.DisplayName;
+
+                // restricted properties
                filtered.Password = "";
                filtered.TwoFactorCode = "";
+                filtered.SecurityStamp = "";

                // include private properties if authenticated user is accessing their own user account os is an administrator
                if (_userPermissions.IsAuthorized(User, user.SiteId, EntityNames.User, -1, PermissionNames.Write, RoleNames.Admin) || _userPermissions.GetUser(User).UserId == user.UserId)
--- a/Oqtane.Server/Managers/UserManager.cs
+++ b/Oqtane.Server/Managers/UserManager.cs
@ -64,6 +64,7 @@ namespace Oqtane.Managers
                {
                    user.SiteId = siteid;
                    user.Roles = GetUserRoles(user.UserId, user.SiteId);
+                    user.SecurityStamp = _identityUserManager.FindByNameAsync(user.Username).GetAwaiter().GetResult()?.SecurityStamp;
                    user.Settings = _settings.GetSettings(EntityNames.User, user.UserId)
                        .ToDictionary(setting => setting.SettingName, setting => setting.SettingValue);
                }